Author Topic: Gcat - a Fully Featured Backdoor That Uses Gmail as a C&C Server (Read 2914 times)

grayhats · « **on:** June 15, 2015, 05:21:48 pm »

A stealthy Python based backdoor that uses Gmail as a command and control server.

SETUP:
For this to work you need:

A Gmail account (Use a dedicated account! Do not use your personal one!)
Turn on "Allow less secure apps" under the security settings of the account
This repo contains two files:

gcat.py a script that's used to enumerate and issue commands to available clients
implant.py the actual backdoor to deploy

In both files, edit the gmailuser and gmailpwd variables with the username and password of the account you previously setup.

You're probably going to want to compile implant.py into an executable using Pyinstaller

How to use gcat:
https://www.youtube.com/watch?v=AI2ZWEwaSd0

proxx · « **Reply #1 on:** June 15, 2015, 05:31:22 pm »

If you would be so kind to post the source and make clear who the owner is we would be very happy here on evilzone, ill leave that up to you.
On average I think few click just another 'hackvideo' link, we don't care about the bling bling.

Axon · « **Reply #2 on:** June 15, 2015, 06:07:01 pm »

https://github.com/byt3bl33d3r/gcat

kenjoe41 · « **Reply #3 on:** June 18, 2015, 11:46:57 am »

Saw it on twitter some few weeks ago, thought it was too basic and someone with some programming could wip it up but thatnk for the share.
Have to say i debated on contributing code to it but was too busy to finish the dialogue with myself.

EvilZone

News:

Author Topic: Gcat - a Fully Featured Backdoor That Uses Gmail as a C&C Server (Read 2914 times)

grayhats

Gcat - a Fully Featured Backdoor That Uses Gmail as a C&C Server

proxx

Re: Gcat - a Fully Featured Backdoor That Uses Gmail as a C&C Server

Axon

Re: Gcat - a Fully Featured Backdoor That Uses Gmail as a C&C Server

kenjoe41

Re: Gcat - a Fully Featured Backdoor That Uses Gmail as a C&C Server